Does the Router DNS overrule computer / mobile device DNS?

If computers, phones etc. have their own DNS settings. Does the router still log their activity when they use the network through that router?

Regards

Mike

Comments

rotblitz

"If computers, phones etc. have their own DNS settings"

What do you mean by devices have their own DNS settings? Examples of the scenario?

"Does the router still log their activity when they use the network through that router?"

Does your router have logging capabilities? I can't know, I may not have this (unspecified) router. I only know that OpenDNS logs the DNS traffic it sees from my network. And OpenDNS does not log DNS traffic which is not send to OpenDNS at all. And the router doesn't log traffic either in my case.

"Does the Router DNS overrule computer / mobile device DNS?"

DNS settings of the end devices override DNS settings of the router if no further measures are taken to prevent end devices or end users to use their own DNS settings. Only admin users can change network settings on computers. And with many routers you can block port 53 passthrough or redirect certain traffic to certain destinations.

Not sure why you limit your question to "mobile" devices, however. Mobile devices (like smartphones) may have their own mobile phone based internet connection, so may not use your router at all. So, the question is rather irrelevant regarding this scenario.

July 8, 2013, 17:01

mrmike1976

I'm sorry. I wasnt too clear on my question.

I have setup my router with your dns.

But if a phone connect with my wifi for example. But has its own dns setting (google for example)

Does the activity still log here on the stats page? Or does it go around those?

In other words, do i need to set the dns of each device or is setting it up on the router enough?

July 9, 2013, 03:35

rotblitz

Answer

As I said, DNS settings of the end devices override DNS settings of the router if no further measures are taken to prevent end devices or end users to use their own DNS settings. They do not circumvent OpenDNS if they obtain the DNS server addresses automatically, or if they are set to the router's IP address, or if they are set to any one of OpenDNS resolver addresses.

If they are set to "google for example", then they will override router settings and circumvent OpenDNS if you allow this DNS traffic to pass through the router. This DNS traffic will not be logged at OpenDNS, because it doesn't appear at OpenDNS at all.

You may need to configure the DNS settings of each device if it is not configured to obtain DNS server addresses automatically via DHCP, or if it is not set to the router's IP address, or if it is not already set to OpenDNS resolver addresses.

July 9, 2013, 10:06

mrmike1976

Ok, understood.

Is there a way to force devices to use the openDNS servers? Without accessing the devices themself?

Also, you wouldn't happen to know if Iphones normally have a fixed dns or not?

Thx

Mike

July 9, 2013, 11:16

rotblitz

Answer

"Is there a way to force devices to use the openDNS servers? Without accessing the devices themself?"

This depends on your router or merely the firmware it is flashed with. You either block port 53 passthrough with an outbound firewall rule, or you configure traffic redirection for port 53 traffic to the OpenDNS resolver addresses. The first is supported by more routers, the latter is rather rarely found. And there are routers which support neither of them. The "user friendly" they are, the less options you have, especially not with ISP supplied devices.

And another word about "without accessing the devices". If you can't control the devices in your network, and the users operating them are admins on their devices, you are pretty much out of any luck with controlling anything. They have 8167 ways to circumvent anything, not only OpenDNS. You gave your contol out of hands already. Just that you are aware...

"Also, you wouldn't happen to know if Iphones normally have a fixed dns or not?"

All devices I know are configured to obtain DNS server settings automatically from the DHCP server (which is normally your router), else the risks for not working would be too high.

July 9, 2013, 11:50

mrmike1976

Well i dont think my router has this option. I checked but i cant find anything. I have ingoing port rules, not outgoing.

I have one of these "user friendly" types from my local ISP.

But port 53 is used for DNS?

If i would block this, would devices automaticly use the router's DNS? or would they get errors?

July 9, 2013, 12:16

rotblitz

Answer

Port 53 is the standard port for DNS, yes. If blocking this port helps depends on the router again. More intelligent routers just block passthrough, i.e. direct UDP and TCP traffic over port 53 from an end device to the outside world. Not so much intelligent routers block everything related to port 53 then, including DNS traffic they are to forward only, not to pass through. :(

That said, you really have to test it out for your router if such options exist at all, and if they function as expected. They regularly exist if you flash a router with one of those famous alternative firmwares of Tomato, OpenWRT, DD-WRT and the likes.

And yes, if you blocked port 53 traffic passthrough, the end devices would produce errors if someone configured it with an alternative DNS service, different from your router (as DNS server / forwarder). There would not be DNS at all which looks like no internet at all, because domain names cannot be resolved any longer.

If you are in the lucky situation of being able to generally redirect port 53 traffic to OpenDNS, the user could configure any DNS service. No matter, he would land at OpenDNS all the way and may not even become aware of it - unless he hits a block page or such. But this feature is almost always available with these mentioned alternative firmwares only.

July 9, 2013, 15:01

zo219

I can answer this question in part, perhaps ...for anyone on a Mac, Yes, there is a place in System Preferences/Network Preferences/Advanced/DNS to input your chosen DNS, and it won't hurt to do so ... but do leave your router address there.

Open Airport Utility for this. Under the Internet pane, input your chosen DNS. I do replace the comcast servers that are automatically filled in there, and this has always worked just fine.

August 30, 2013, 16:00

janjavel

Hi Guys,

I am first time in this field.

My problem, i was accessing my DVR through my ihone5 using a mobile application provide by the security company. Now after 2 days it went off until i found out that the public ip have changed to a new one.

Is open DNS can be of help to synchronize the public ip?

Thanks!

September 3, 2013, 02:42

rotblitz

"I am first time in this field. "

I see, else you would not have posted in a thread titled "Does the Router DNS overrule computer / mobile device DNS?"...

"Is open DNS can be of help to synchronize the public ip?"

No, OpenDNS has nothing to do with "synchronizeing" IP addresses. Your IP address is visible only from within the network in question and by your ISP.

However, if you are in the lucky situation that you ran an "Updater" within this network against an OpenDNS network, you can obtain its IP address from the OpenDNS dashboard. But this is not really the purpose of this. You better run an Updater against the hostname you got from your DDNS provider.

September 3, 2013, 07:23

mattc75

do you know about the DVR (Digital Video Recorder)? I am a technician on Dvr Network. Many clients have Dynamic IP address... and as you know the ip address will change. I want to prevent that. is it good for that usage? if so, which one is better? input open dns IP address to the DVR or Router?

I have question about if I configured on dvr on ( computer base) then I can able to view using Opendns? using client software? am I right?

what about stand alone DEVICE (it is Linix base) / (which I can't install client software? but, I can input the open dns IP to the device?

I will wait for your response. thanks in advance.

September 22, 2013, 01:25

rotblitz

mattc75, do you know what time it is and what topic is this thread about?